Restrict Internet Users access to only forgotten user/password options in Portal

Article ID: 226931

Products

CA Identity Suite

Issue/Introduction

We are in the process of trying to expose the Portal to the internet. 

We only want users to have access to the forgot-password page and not the login page. In IIS we are trying to block login but it will not work. I have tried blocking "\login" in IIS from the Request Filtering section but it will not work. It seems, by looking at the IIS logs, that the only part of the URL that gets loaded is up to index and nothing after that, so I can't filter and block it.

Example: I want to block https://identityportal.domain.com/sigma/app/index#/login

and only allow
https://identityportal.domain.com/sigma/app/index#/forgot-password

Environment

Release : 14.2, 14.3, 14.4

Component : SIGMA-Identity Suite

Cause

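There are no individual pages within the Identity Portal. The Portal is a 'single page web application that runs on the client side' that dynamically builds what the end user sees based on their session information. With no valid session, the Portal dynamically loads the /sigma/index#/login page; if you have a session, it dynamically loads the /sigma/index#/Home page, and so on. The part of the URL after the # is a fragment that the browser handles locally and does not send to the web server, which is why the IIS logs show the request only up to index and Request Filtering has nothing after it to match.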

Since everything within the Portal is loaded from the /sigma/index page, attempting to block the root of /sigma/ or /sigma/index/ will block the entire portal including the forgotten password page. 

Resolution


The Portal does offer public pages, which are exposed at the URL /sigma/public/index.
This allows you to block the entire /sigma/index page to prevent external access to the core of the Portal, while still allowing access to /sigma/public/ URLs for forgotten user or password actions:

https://identityportal.domain.com/sigma/public/index#/forgot-password
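
The following JavaScript is an added example, not part of the original article or the product. It takes the article's URLs, shows which part of each one reaches the web server versus which part is only a client-side route, and applies an assumed path-prefix allow rule of the kind an edge filter can enforce; the function names and the rule itself are hypothetical.

```javascript
// Added example. The URLs are the ones quoted in this article; the allow
// rule is an assumed model of a path-based filter, not product configuration.
const PUBLIC_PREFIX = "/sigma/public/";

// What the web server receives: path and query only. The fragment
// ("#/login") stays in the browser, so it never reaches the request
// line, the IIS log, or any server-side filter.
function requestTarget(rawUrl) {
  const u = new URL(rawUrl);
  return u.pathname + u.search;
}

// The client-side route the single-page app derives from the fragment.
function clientRoute(rawUrl) {
  return new URL(rawUrl).hash.replace(/^#/, "");
}

// A decision a server-side filter can actually make: it depends on the
// path alone. URL parsing collapses "../" segments before the check, and
// the exact-case prefix match means anything unexpected is refused.
function allowedExternally(rawUrl) {
  return new URL(rawUrl).pathname.startsWith(PUBLIC_PREFIX);
}

function report(urls) {
  return urls.map((url) => ({
    url,
    serverSees: requestTarget(url),
    clientRoute: clientRoute(url),
    allowed: allowedExternally(url),
  }));
}

const HOST = "https://identityportal.domain.com";
const SAMPLE_URLS = [
  HOST + "/sigma/app/index#/login",
  HOST + "/sigma/app/index#/forgot-password",
  HOST + "/sigma/public/index#/forgot-password",
  // Constructed input: dot segments must not reach the core via the prefix.
  HOST + "/sigma/public/../app/index#/login",
];

console.table(report(SAMPLE_URLS));
```

The first two rows have the same server-side path and differ only in the client route, so no path filter can separate them; only the /sigma/public/ row is distinguishable and allowed.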